<!--
Copyright 2004 - 2013 Wayne Grant
          2013 - 2017 Kai Kramer

This file is part of KeyStore Explorer.

KeyStore Explorer is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

KeyStore Explorer is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with KeyStore Explorer.  If not, see <http://www.gnu.org/licenses/>.
-->
<html>
    <head>
        <title>Authority Certificates Configuration</title>
        <link rel=stylesheet href="help.css" type="text/css">
    </head>

    <body>

        <h1>Authority Certificates Configuration</h1>
        <hr>

        Additional certificates can be considered when forming trust paths and
        attempting to match root certificates.  This is relevant when importing Trusted Certificates
        and CA replies.

        <p>

        Such Authority Certificates can be sourced from a designated CA Certificates KeyStore and,
        for Windows users, the Windows Trusted Root Certificates.

        <p>

        To configure the Authority Certificates:

        <ol>
            <li>From the <b>Tools</b> menu, choose <b>Preferences</b>.
            <br><br>
            <b>Mac OS users:</b> From the <b>KeyStore Explorer</b> menu, choose <b>Preferences</b>.</li>

            <br>

            <li>The <b>Preferences</b> dialog will be displayed.  Select the <b>Authority Certificates</b>
                tab.</li>

            <br>

            <li>The default <b>CA Certificates KeyStore</b> is the <b>cacerts</b> file bundled with Java.
                To change to another KeyStore:</li>

                <ol>
                    <li>Press the <b>Browse</b> button.</li>

                    <br>

                    <li>The <b>Choose CA Certificates KeyStore</b> dialog will appear.</li>

                    <br>

                    <li>Select the drive and folder where the KeyStore file is located.</li>

                    <br>

                    <li>Type the filename into the <b>File Name</b> text box.</li>

                    <br>

                    <li>Click on the <b>Choose</b> button.</li>
                </ol>

            <li>Tick the <b>Use CA Certificates KeyStore</b> check box to enable its use.</li>

            <br>

            <li>Tick the <b>Use Windows Trusted Root Certificates</b> check box to enable its use.</li>

            <br>

            <li>Press the <b>OK</b> button to save your settings and dismiss the <b>Preferences</b>
                dialog.</li>

        </ol>

        <b>Notes:</b>

        <ul>
            <li>If the use of the CA Certificates KeyStore is enabled then the first time that
                you attempt to import a Trusted Certificate or CA Reply in a KeyStore Explorer
                session you will be prompted for the CA Certificates KeyStore password.</li>

            <br>

            <li>The default password for the <b>cacerts</b> file bundled with Java is "changeit".</li>
        </ul>

        <hr>

        <center><small>Copyright 2004 - 2013 Wayne Grant, 2013 - 2017 Kai Kramer</small></center>

    </body>
</html>
